ESAPI is Enterprise security api’s for remediation of OWASP Top 10 vulnerabilities. It has generic api's for each of these vulnerability. This is a great source where application developers can see how specific issues can be remediated. The ESAPI libraries are designed to make it easier for programmers to retrofit security into existing applications. The ESAPI libraries also serve as a solid foundation for new development.

+

| Content =

| Content =

−

* Content_X<br>

+

&nbsp;

−

* Content_Y<br>

+

ESAPI is a collection security building blocks. All ESAPI language versions have the same basic design. There is a set of security control interfaces. There is a reference implementation for each security control. There are optionally your own implementations for each security control.

−

* Content_Z<br>

+

<br><br>

−

| Material = [http:// TBD]

+

You can download ESAPI from [http://www.owasp.org/index.php/Category:OWASP_Enterprise_Security_API#tab=Downloads here.] The [[ESAPI_Swingset | ESAPI Swingset]] sample application demonstrates how to leverage ESAPI to protect a web application.

Latest revision as of 10:26, 23 November 2010

ESAPI is Enterprise security api’s for remediation of OWASP Top 10 vulnerabilities. It has generic api's for each of these vulnerability. This is a great source where application developers can see how specific issues can be remediated. The ESAPI libraries are designed to make it easier for programmers to retrofit security into existing applications. The ESAPI libraries also serve as a solid foundation for new development.

Contents

Materials

ESAPI is a collection security building blocks. All ESAPI language versions have the same basic design. There is a set of security control interfaces. There is a reference implementation for each security control. There are optionally your own implementations for each security control.

You can download ESAPI from here. The ESAPI Swingset sample application demonstrates how to leverage ESAPI to protect a web application.